Trusted — Risk score 5/100
Last scanned: 1 day ago
virtuals-protocol-acp
Agent Commerce Protocol (ACP) CLI — wallet, marketplace, token, and seller runtime for AI agents
This is a legitimate Agent Commerce Protocol CLI for the Virtuals Protocol. It provides marketplace job management, agent token launching, and a seller runtime. All observed behavior is declared in SKILL.md and matches the implementation.
Skill name: virtuals-protocol-acp
Analysis time: 57.2s
Engine: pi
Safe to install
This skill is safe to use. No security issues detected.

Security findings: 1

Severity: Low
Finding: Dependencies use unpinned caret ranges (Supply chain)
Details: axios, dotenv, and socket.io-client are specified with ^ ranges rather than exact pinned versions. While no known CVEs are present, this allows unexpected upgrades.
Evidence: "axios": "^1.13.4"
Recommendation: Pin to exact versions (e.g., axios@1.13.4) for reproducible builds.
Location: package.json:1

| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | WRITE | WRITE | ✓ Consistent | src/lib/config.ts writes config.json; src/commands/sell.ts creates offering.json… |
| Network access | READ | READ | ✓ Consistent | src/lib/client.ts makes HTTPS calls to claw-api.virtuals.io; src/seller/runtime/… |
| Command execution | WRITE | WRITE | ✓ Consistent | src/lib/open.ts uses exec() to open OAuth browser URL (declared in SKILL.md setu… |
| Environment variables | READ | READ | ✓ Consistent | src/lib/config.ts loadApiKey() reads LITE_AGENT_API_KEY from process.env for leg… |
| Skill invocation | NONE | NONE | | No skill invocation capabilities observed |
| Clipboard | NONE | NONE | | No clipboard access observed |
| Browser | NONE | NONE | | No browser automation observed |
| Database | NONE | NONE | | No direct database access observed |

11 findings

| Severity | Type | Value | Location |
|---|---|---|---|
| Medium | External URL | https://app.virtuals.io/acp | README.md:3 |
| Medium | External URL | https://virtuals.io | README.md:3 |
| Medium | External URL | https://app.virtuals.io | SKILL.md:5 |
| Medium | External URL | https://dotenvx.com | package-lock.json:548 |
| Medium | Cryptocurrency wallet address | 0x1234567890123456789012345678901234567890 | references/agent-wallet.md:23 |
| Medium | Cryptocurrency wallet address | 0x833589fcd6edb6e08f4c7c32d4f71b54bda02913 | references/agent-wallet.md:73 |
| Medium | External URL | https://api.example.com/market-data | references/seller.md:448 |
| Medium | External URL | https://api.example.com/endpoint | src/commands/sell.ts:658 |
| Medium | External URL | https://app.virtuals.io/prototypes/$ | src/commands/token.ts:74 |
| Medium | External URL | https://acpx.virtuals.io | src/lib/auth.ts:16 |
| Medium | External URL | https://claw-api.virtuals.io | src/lib/client.ts:15 |

Directory structure

34 files · 200.3 KB · 6494 lines
TypeScript: 23 files, 3873 lines; Markdown: 6 files, 1354 lines; JSON: 4 files, 1033 lines; Shell: 1 file, 234 lines
├─ 📁 bin
│ └─ 📜 acp.ts TypeScript 460L · 15.3 KB
├─ 📁 references
│ ├─ 📝 acp-job.md Markdown 303L · 9.3 KB
│ ├─ 🔑 agent-token.md Markdown 142L · 3.6 KB
│ ├─ 📝 agent-wallet.md Markdown 114L · 3.4 KB
│ └─ 📝 seller.md Markdown 468L · 17.2 KB
├─ 📁 src
│ ├─ 📁 commands
│ │ ├─ 📜 agent.ts TypeScript 262L · 7.6 KB
│ │ ├─ 📜 browse.ts TypeScript 68L · 1.9 KB
│ │ ├─ 📜 job.ts TypeScript 196L · 5.7 KB
│ │ ├─ 📜 profile.ts TypeScript 72L · 2.2 KB
│ │ ├─ 📜 sell.ts TypeScript 743L · 22.2 KB
│ │ ├─ 📜 serve.ts TypeScript 204L · 5.5 KB
│ │ ├─ 📜 setup.ts TypeScript 318L · 10.2 KB
│ │ ├─ 🔑 token.ts TypeScript 88L · 2.6 KB
│ │ └─ 📜 wallet.ts TypeScript 87L · 2.8 KB
│ ├─ 📁 lib
│ │ ├─ 📜 api.ts TypeScript 98L · 2.6 KB
│ │ ├─ 📜 auth.ts TypeScript 264L · 7.2 KB
│ │ ├─ 📜 client.ts TypeScript 31L · 733 B
│ │ ├─ 📜 config.ts TypeScript 204L · 5.5 KB
│ │ ├─ 📜 open.ts TypeScript 25L · 697 B
│ │ ├─ 📜 output.ts TypeScript 104L · 2.9 KB
│ │ └─ 📜 wallet.ts TypeScript 30L · 715 B
│ └─ 📁 seller
│   └─ 📁 runtime
│     ├─ 📜 acpSocket.ts TypeScript 85L · 2.3 KB
│     ├─ 📜 offerings.ts TypeScript 78L · 2.2 KB
│     ├─ 📜 offeringTypes.ts TypeScript 52L · 1.9 KB
│     ├─ 📜 seller.ts TypeScript 271L · 7.0 KB
│     ├─ 📜 sellerApi.ts TypeScript 71L · 1.8 KB
│     └─ 📜 types.ts TypeScript 62L · 1.6 KB
├─ 📋 _meta.json JSON 5L · 147 B
├─ 📋 package-lock.json JSON 979L · 30.7 KB
├─ 📋 package.json JSON 29L · 887 B
├─ 📝 README.md Markdown 196L · 7.0 KB
├─ 📝 SKILL.md Markdown 131L · 7.7 KB
├─ 🔧 test-cli.sh Shell 234L · 7.1 KB
└─ 📋 tsconfig.json JSON 20L · 510 B

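Dependency analysis: 3 items

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| axios | ^1.13.4 | npm | | Caret range — consider pinning |
| dotenv | ^16.4.5 | npm | | Caret range — consider pinning |
| socket.io-client | ^4.8.1 | npm | | Caret range — consider pinning |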

Security highlights

✓ SKILL.md accurately documents all commands and capabilities — no doc-to-code mismatch
✓ API keys are stored in config.json and redacted in CLI output (redactApiKey function)
✓ No base64-encoded execution, eval(), or obfuscation observed
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) — filesystem access is scoped to repo root only
✓ No credential harvesting or data exfiltration — only reads LITE_AGENT_API_KEY for its own authentication
✓ OAuth browser flow is standard and declared for user-interactive login
✓ Seller runtime executes user-authored handlers only for registered job offerings on ACP
✓ All network traffic targets declared Virtuals Protocol endpoints (claw-api.virtuals.io, acpx.virtuals.io, app.virtuals.io)
✓ WebSocket socket.io-client is used for legitimate real-time job dispatch from ACP network
✓ process.kill(pid, 'SIGTERM') used only for stopping the seller's own daemon process